TLS section "tls" missing, trying to use legacy configuration

Tal Nur nurtal at yahoo.com
Thu Feb 28 19:20:21 CET 2019


Dear all,
I'm configuring Freeradius 3.0.15 for Eduroam.In the debug output of freeradius -X  I got the error message: TLS section "tls" missing, trying to use legacy configurationI have tls section in my /mods-enabled/eap file but this tls configuration wasn't read during start of Freeradius.
What I do wrong? Here is the part of the frreradius -X output:
# Instantiating module "eap" from file /etc/freeradius/mods-enabled/eap
   # Linked to sub-module rlm_eap_tls
   tls {
   }
TLS section "tls" missing, trying to use legacy configuration
   tls {
    verify_depth = 0
    pem_file_type = yes
    private_key_file = "/etc/freeradius/certs/server.key"
    certificate_file = "/etc/freeradius/certs/server.pem"
    ca_file = "/etc/freeradius/certs/ca.pem"
    private_key_password = <<< secret >>>
    dh_file = "/etc/freeradius/certs/dh"
    random_file = "/dev/urandom"
    fragment_size = 1024
    include_length = yes
    auto_chain = yes
    check_crl = no
    check_all_crl = no
    cipher_list = "DEFAULT"
    ecdh_curve = "prime256v1"
    cache {
     enable = no
     lifetime = 24
     max_entries = 255
    }
    verify {
     skip_if_ocsp_ok = no
    }
    ocsp {
     enable = no
     override_cert_url = no
     use_nonce = yes
     timeout = 0
     softfail = no
    }
   }


More information about the Freeradius-Users mailing list